Cyber Europe

ENISA has been organising the biennial ‘Cyber Europe’ series since 2010. Cyber Europe is a series of large-scale, cross-border cyber crisis management exercises. These exercises feature complex realistic scenarios inspired by real-case events and threats. ENISA develops these exercises in collaboration with European cybersecurity experts. Those exercises simulate large-scale cybersecurity incidents, escalating into cyber crises. They are performed to analyse advanced technical cybersecurity incidents and test participants' ability to handle complex situations and to share key information with their peers. ‘Cyber Europe’ brings together leading cybersecurity experts from the EU and EFTA's public and private sectors, alongside with European Institutions, Bodies, and Agencies, to strengthen their technical and operational capabilities.

Participating at Cyber Europe is a great opportunity to:

• Raise awareness on cyber issues at all levels;
• Identify gaps in existing operational procedures;
• Test new cyber crisis management procedures or retest updated ones;
• Evaluate the performance of teams under high pressure;
• Identify skill gaps in teams;
• Build stronger connections within the cyber response chain (internal and external);
• Develop shared understanding and terminology;
• Enhance individual and collective skills, enhance resilience at individual and team level;
• Improve skills required for analysing advanced technical cybersecurity incidents;
• Train how to deal with complex business continuity and crisis management situations.

This exercise provides an opportunity to improve cyber incident response at all levels—strategic, operational, and technical—both nationally and internationally, without the risk of real-world consequences.

Cyber Europe 2026

Cyber Europe 2026 is the 8th edition of this pan-European series of exercises, planned to be held in June 2026. our core mission is to take a significant step forward in strengthening the cyber preparedness of the EU’s critical infrastructure, contributing to a more secure and resilient Europe. 

Sectors in scope - Rail & Maritime 

This year’s edition will focus on transport infrastructure and particularly on the rail and maritime NIS2 subsectors of high criticality

According to data analysed for the latest ENISA Threat Landscape report, transport was the second most targeted sector in 2024, accounting for 11% of the total number of cyber incidents and 15% of those target the EU.

For the past two years, the threat level of the sector has remained substantial. ​ Findings of the ENISA NIS360 2024 report that the maritime sector falls in the maturity-criticality ‘risk zone’, while rail remains on the limit of that zone, suggesting that there is room for improvement in their maturity relative to their criticality.

Despite the strong understanding of cyber risks and effective controls, the rail and maritime sectors remain reliant on legacy systems and still have to work on the implementation of NIS2-aligned measures. Rail and maritime share comparable levels of digitalisation, and challenges remain in integrating legacy OT infrastructure with modern systems and maintaining strict safety and reliability standards.​

A glimpse of the scenario

In Cyber Europe 2026, participants will face a large-scale disruption targeting Europe's interconnected transportation systems. Multiple incidents affecting rail and maritime operations will unfold simultaneously across EU member states, creating a complex crisis environment requiring coordinated response. ​​

Cyber Europe 2026 will test our collective resilience and ability to maintain essential services while protecting public confidence in European rail and maritime networks. 

Contact Details:

   Any question on the Cyber Europe 2024 exercise, please contact: [email protected]
   Any question on the communications and press, please contact: [email protected]